Legal

Privacy Policy

How we collect, use and protect your information when you apply for ETAs via ETA.travel.

1. INTRODUCTION

 

This Privacy Policy describes how Turismo Travels L.L.C (“Company”, “we”, “our”, or “us”) collects, uses, processes, stores, and protects personal data when individuals access or use the website eta.travel (the “Website”) and the services available through it.

The Website provides travel authorization assistance services, including support in preparing and submitting Electronic Travel Authorization (ETA), visa, and similar travel authorization applications to relevant government authorities.

The Company operates as an independent private service provider and is not affiliated with, endorsed by, or acting on behalf of any government authority. All decisions regarding visa or travel authorization approvals are made solely by the relevant governmental authorities.

This Privacy Policy applies to individuals accessing the Website from the United States, the European Union, and other jurisdictions worldwide. The Company aims to process personal data in compliance with applicable privacy and data protection laws, including but not limited to the General Data Protection Regulation (GDPR) where applicable.

By accessing the Website, submitting an application, or using the services, users acknowledge that they have read and understood this Privacy Policy and consent to the collection and processing of their personal data as described herein.

 

2. PERSONAL DATA WE COLLECT

 

In order to provide the services available on the Website, the Company may collect and process various categories of personal data submitted directly by users.

Personal identification information may include the user’s full name, nationality, previous nationalities, marital status, date of birth, and gender.

Passport and identification details may also be collected, including passport number, passport type, passport issue date and expiry date, country and city of birth, and place of passport issuance.

Contact information may include email address, phone number, residential address, postal or ZIP code, and emergency contact details.

Where required for travel authorization applications, the Company may collect travel-related information such as travel destinations, intended arrival and departure dates, flight numbers, accommodation or residence address, host information including name, address, phone number and relationship, travel mode (air, sea, or land), and travel history.

Certain travel authorization applications may require the submission of health information or declarations related to medical conditions where required by immigration authorities. The Company may also collect criminal background information where such disclosure is required as part of the travel authorization process.

Users may also upload supporting documentation including passport copies, identification documents, personal photographs, residency permits, and copies of passport pages containing entry or exit stamps.

The Company may also collect information voluntarily submitted through contact forms, email communications, or other inquiries made through the Website.

For internal operational purposes, the Company may also process limited personal data relating to employees or contractors, including identification documents, contact details, and personal photographs used for identification and operational purposes.

 

3. METHODS OF DATA COLLECTION

 

Personal data may be collected through online application forms available on the Website, contact forms, uploaded documents, email communications, and interactions with the Website.

Certain information may also be collected automatically through cookies and analytics technologies that monitor Website usage and improve the performance and functionality of the services.

In some circumstances, limited personal data may be collected indirectly from third parties that have a lawful basis to share such information. These may include payment processors or analytics providers that assist with the operation of the Website.

 

4. PAYMENT PROCESSING

 

The Company does not collect or store payment card details. All payments made through the Website are processed securely through third-party payment providers. Payment information entered during the payment process is transmitted directly to these payment processors and is handled in accordance with their own privacy and security policies.

 

5. PURPOSE OF PROCESSING PERSONAL DATA

 

Personal data is processed for the purpose of providing services requested by users through the Website. This includes preparing and submitting visa or ETA applications, communicating with applicants regarding their applications, verifying the accuracy of submitted documentation, responding to inquiries, providing customer support, improving the functionality and performance of the Website, preventing fraudulent activity, and complying with legal or regulatory obligations.

For users located within the European Economic Area, personal data processing may be based on one or more lawful grounds under the GDPR, including the performance of a contract with the user, the user’s consent, the Company’s legitimate interests in operating its services, or compliance with legal obligations.

 

6. SHARING OF PERSONAL DATA

 

Personal data may be shared with third parties where necessary to provide the requested services. This may include the transmission of application information to relevant immigration authorities or government systems responsible for processing travel authorizations, depending on the destination country.

Personal data may also be shared with service providers that support the operation of the Website, including payment processors, hosting providers, analytics providers, and technical infrastructure providers. These third parties process personal data in accordance with their own privacy policies and applicable data protection regulations.

 

7. INTERNATIONAL DATA TRANSFERS

 

Because the Company provides services globally, personal data may be stored or processed in data centers located in the United States, the European Union, and the United Arab Emirates.

Where international data transfers occur, the Company takes reasonable steps to ensure that personal data is protected in accordance with applicable data protection laws.

 

8. DATA RETENTION

 

Personal data will be retained only for as long as necessary to provide the requested services and maintain records relating to submitted applications.

Certain information may be retained for longer periods where necessary for legal compliance, fraud prevention, dispute resolution, or internal record keeping.

Analytics and tracking data may also be retained for longer periods for website performance monitoring and marketing analysis.

 

9. DATA SECURITY

 

The Company implements technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, or destruction.

These measures may include encrypted TLS connections, firewall protections, restricted access to systems based on defined user roles, encrypted storage environments, and secure network infrastructure.

Sensitive operations involving personal data may also be conducted through secure virtual machine environments, encrypted devices, and protected network access.

The Company continuously monitors its systems to detect potential security threats and conducts periodic security assessments to improve the effectiveness of its safeguards.

 

10. USER RIGHTS

 

Depending on applicable data protection laws, individuals may have certain rights regarding their personal data.

These rights may include the right to request access to personal data held by the Company, request correction of inaccurate information, request deletion of personal data, withdraw consent where processing is based on consent, or request restriction of certain processing activities.

Requests relating to personal data may be submitted by contacting the Company at:

XXX

The Company may require reasonable verification of identity before processing such requests.

 

11. DATA ACCURACY AND APPLICANT RESPONSIBILITY

 

Applicants are responsible for ensuring that all information submitted through the Website is accurate, complete, and truthful. The Company relies on the information provided by applicants in order to prepare and submit travel authorization applications.

The Company shall not be responsible for delays, refusals, or other adverse decisions resulting from inaccurate, incomplete, or misleading information submitted by the applicant.

 

12. SECURITY INCIDENTS AND BREACH RESPONSE

 

The Company maintains monitoring systems intended to detect potential security incidents. In the event of a data security incident, the Company may take immediate measures to secure affected systems, investigate the incident, and implement corrective actions.

Where required by applicable law, relevant authorities or affected individuals may be notified in accordance with legal obligations.

 

13. CHILDREN’S DATA

 

The Website is not intended for independent use by minors. However, applications for travel authorizations may include personal data relating to minors when submitted by parents or legal guardians as part of a travel application.

 

14. THIRD-PARTY WEBSITES

 

The Website may contain links to third-party websites. The Company is not responsible for the privacy practices or content of external websites and encourages users to review the privacy policies of such websites independently.

 

15. UPDATES TO THIS POLICY

 

The Company reserves the right to update this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or service improvements. Updated versions will be published on the Website with the revised effective date.

 

16. RELATIONSHIP WITH OTHER POLICIES AND TERMS

 

This Privacy Policy forms part of the legal framework governing the use of the Website together with the Terms and Conditions and any other policies or notices published on the Website.

In the event of any inconsistency or contradiction between this Privacy Policy and the Terms and Conditions of the Website, the provisions of the Terms and Conditions shall prevail, unless expressly stated otherwise in this Privacy Policy or in another policy published by the Company.

 

17. CONTACT INFORMATION

 

For questions regarding this Privacy Policy or requests relating to personal data, users may contact:

Turismo Travels